CVE-2025-34152 Scanner

Shenzhen Aitemi M300 Wi-Fi Repeater is a device designed to extend wireless network coverage in homes and small offices. It is utilized by individuals and organizations seeking to improve Wi-Fi connectivity in areas with poor signal strength. The device is easy to set up and can provide additional network range without the need for expensive hardware or complex installations. Popular among tech-savvy homeowners and businesses, it helps in enhancing the digital experience by eliminating Wi-Fi dead zones. With its affordable pricing, it caters to a wide segment of the market needing extended Wi-Fi coverage. Therefore, it is pivotal that such devices maintain security robustness to protect users' data and network integrity.

Remote Code Execution (RCE) refers to the ability of an attacker to execute arbitrary code on a target system. This vulnerability allows unauthorized, malicious commands to be executed on a device, potentially leading to a full system compromise. RCE can be exceptionally dangerous as it might allow attackers to steal sensitive data, alter system configurations, or distribute malware. In the case of wireless repeaters, this could lead to significant network downtimes or unauthorized access to network data. Such vulnerabilities necessitate swift mitigation strategies to prevent exploitation. It is crucial for manufacturers to act promptly on identified risks to ensure user safety and privacy.

The vulnerability in the Shenzhen Aitemi M300 Wi-Fi Repeater exists in the 'time' parameter of the '/protocol.csp?' endpoint. This endpoint processes user inputs through the 'time' parameter, which is improperly sanitized. Due to inadequate input validation, attackers can inject OS commands via the 'time' parameter. The input bypasses traditional security measures, executed by the system's internal date -s' command. Consequently, remote attackers can execute arbitrary commands without rebooting or interrupting the HTTP services. This technical loophole enables attackers to compromise the device remotely and discreetly, posing a severe security threat.

Exploitation of this vulnerability can lead to unauthorized remote command execution on the Wi-Fi repeater. A successful attack allows malicious actors to gain control over network configurations. This can lead to information theft, interception of network traffic, or use of the device as a bot in a larger attack. Such exploitation could also cause disruption in network services, leading to potential downtimes for users. Maintainers and users must remain vigilant and implement protective measures to mitigate these risks. Continuous monitoring and timely firmware updates provide proactive defense against such threats.

REFERENCES

• https://chocapikk.com/posts/2025/when-a-wifi-name-gives-you-root-part-two/
• https://github.com/rapid7/metasploit-framework/pull/20455/files
• https://nvd.nist.gov/vuln/detail/CVE-2025-34152